• Registered: 2015-05-12
  • Posts: 2

Topic: ECDSA verification in wolfSSL

I want to use wolfSSL for my project but there are some doubts which prevent me to use WolfSSL.
Lets say there are two devices X and Y. X is running OpenSSL and Y is running wolfSSL.

Now X prepares a message and include public key into that message and sign the whole message using private key and sends a message to Y.
When Y will receive that message, will Y be able to verify that message using public key provided into message?

Note: Device X is using ECDSA for signing the message.

I have looked into OpenSSL and wolfSSL code from internet. It does not seem to me that wolfSSL will verify that signature.
I have also tried this practically on my project but I am not able to verify the message from wolfSSL. I user ecc_verify_hash API.
I am getting raw public key from OpenSSL and signature value in raw r and s format. It looks like puiblic key and signature format does not match criteria of ecc_verify_hash API.

Is this possible with wolfSSL embedded SSL to verify message signed by OpenSSL ECDSA?

Share

  • From: Bozeman, MT
  • Registered: 2010-10-20
  • Posts: 650

Re: ECDSA verification in wolfSSL

Hi,

wolfSSL's ecc_verify_hash() expects the ECC key to be of type "ecc_key", which is a structure in <wolfssl_root>/wolfssl/wolfcrypt/ecc.h. You can create an ecc_key structure by either creating a new one with:

/**
 Make a new ECC key
 rng          An active RNG state
 keysize      The keysize for the new key (in octets from 20 to 65 bytes)
 key          [out] Destination of the newly created key
 return       MP_OKAY if successful, upon error all allocated memory will be freed
 */
int wc_ecc_make_key(RNG* rng, int keysize, ecc_key* key);

or importing an existing key with one of the following functions:

/* import public ECC key in ANSI X9.63 format */
int wc_ecc_import_x963(const byte* in, word32 inLen, ecc_key* key);

/* ecc private key import, public key in ANSI X9.63 format, private raw */
int wc_ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ecc_key* key);

/**
 Import raw ECC key
 key       The destination ecc_key structure
 qx        x component of base point, as ASCII hex string
 qy        y component of base point, as ASCII hex string
 d         private key, as ASCII hex string
 curveName ECC curve name, from ecc_sets[]
 return    MP_OKAY on success
 */
int wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, const char* d, const char* curveName);

Does this help?

https://www.wolfssl.com

chrisc's Website

Share